CVE-2011-3929

Published: 8/20/2012 Last updated: 8/6/2024 Reserved: 10/1/2011

The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file.

CNA assigner: Chrome (ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product	Vendor	Version
n/a	n/a	26.20.100.7000

References (14)

http://www.ubuntu.com/usn/USN-1479-1
http://git.libav.org/?p=libav.git%3Ba=commitdiff%3Bh=5a396bb3a66a61a68b80f2369d0249729bf85e04
http://secunia.com/advisories/49089
http://ffmpeg.org/
http://www.debian.org/security/2012/dsa-2471
http://libav.org/
http://git.libav.org/?p=libav.git%3Ba=commit%3Bh=635bcfccd439480003b74a665b5aa7c872c1ad6b
http://www.ubuntu.com/usn/USN-1479-1
http://git.libav.org/?p=libav.git%3Ba=commitdiff%3Bh=5a396bb3a66a61a68b80f2369d0249729bf85e04
http://secunia.com/advisories/49089
http://ffmpeg.org/
http://www.debian.org/security/2012/dsa-2471
http://libav.org/
http://git.libav.org/?p=libav.git%3Ba=commit%3Bh=635bcfccd439480003b74a665b5aa7c872c1ad6b